CVE-2002-1569

Description

gv 3.5.8, and possibly earlier versions, allows remote attackers to execute arbitrary commands via shell metacharacters in the filename for (1) a PDF file or (2) a gzip file.

How to fix CVE-2002-1569

To remediate CVE-2002-1569, upgrade the affected package to a fixed version below.

• Debian/gv—upgrade to 1:3.5.8-27 or later

Is CVE-2002-1569 being exploited?

Low — EPSS is 2.5%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

• from 0, < 1:3.5.8-27

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2002-1569